cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Agent handler disappears from the agent

Dear mcAfee, 

 

We have encountered a strange bug/issue where several servers (300+) from diffrent network have stopped communicating to our DMZ agent handlers because it is no longer visible in the McAfee agent locally on the servers. 

Our setup is 1 ePo (inside vlan NOT PUBLIC) with three agent handlers (Public in DMZ zone). 

- Communication between dmz agent handler and epo works. All 4 are functional

- agent handlers are shown as Active in ePo. We have default assingment rule saying "User all agent handlers"

- No changes made as far we know. 

- ePo version 5.9.1 and McaFee agent 5.6.0 / 5.6.2

- when we extract the agent for download from ePo we choose the option "Assign to agent handlers: All agent handlers". 

 

Now, the strange part is we have noticed that in some enviroment when we rightclick the "mcAfee agent -> About" we see that the agent is no longer listing our Public DMZ agent handlers dispite above setup . So it is missing 3 agent handlers suddenly but still shows the main ePo server for communication through 443. This presents a problem since we does not allow 443 communication to our main ePo.  

 

Is this a known behaviour? Have you encountered this bug before? 

Isn't this hardcoded in .exe file through SiteList.xml once extraced? Could a policy change for mcafee agent affect this or WHAT could possibly affect this? 

 

Regards

4 Replies
LKS
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: Agent handler disappears from the agent

Hi th3stinger,

It is not a known issue with either of this Agent version. If you do not see any RAH details under Agent about section, then there must be some changes done on Agent handler assignment rule.

So now the question to you is, if you download a fresh Agent package from ePO with selecting all the RAH and install on one client machine, does it shows all the Handler details....?

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 5

Re: Agent handler disappears from the agent

Yes, there is a known issue with the epo side of things.  There is a hotfix available by opening a ticket with McAfee to prevent issue from occurring.  Basically, issue occurs rarely when there is a temporary connection issue to the database, possibly during a sitelist update - it doesn't occur all the time.  What the hotfix does is prevent the sitelist from going to the clients in that scenario until it receives a full sitelist from the database.  It does not, however, remediate any systems where issue has already occurred.  

To remediate your systems, there are a couple of things you can do short of reinstalling the agent.

1. In the agent policy if relay communication is enabled, you can set up a relay server in the dmz - sometimes that works, others not - depending on broadcast subnets.  It would only be discoverable within its broadcast domain.

2.  Set  up a temporary dns alias or redirect to point the epo server IP to one of your dmz agent handlers.  This is only long enough for the clients to connect and get an updated sitelist.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Agent handler disappears from the agent

Thanks for this. We will try option 2 this week and get back to you!
Found 4 more servers today losing (public) agent handlers

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: Agent handler disappears from the agent

I would definitely open a ticket with McAfee to get hotfix for this issue to prevent it from occurring in the future.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community